[Freeipa-devel] [DESIGN] Thin client

Jan Cholasta jcholast at redhat.com
Wed Apr 27 05:48:10 UTC 2016 

On 26.4.2016 18:12, Petr Vobornik wrote:
> On 04/26/2016 12:28 PM, Jan Cholasta wrote:
>> Hi,
>>
>> see <http://www.freeipa.org/page/V4/Thin_Client> for initial design of
>> the Thin client feature. The API compatibility part of the design is
>> work in progress (by me), as is the client side caching part (by David).
>>
>> Big thanks to David for actually writing most of the text in the design
>> page.
>>
>> Comments and suggestions are welcome.
>>
>> Honza
>>
>
> 1. "IPA client can send metadata fingerprint with request."
> When the client will send the metadata and when it won't? It will for
> all 4.4+ servers? And won't for the legacy ones?

Correct.

>
> 2. How the client will determine #1? Will it use ipa ping in the very
> first request and then use this version of metadata until version(legacy
> server) or metadata fingerprint changes? Which will trigger download of
> metadata in next request?

The first thing the client has to do is to download the metadata. If 
it's an old server, this will fail. At this point the client knows it 
can't send the fingerprint to the server.

>
> 3. I don't much understand:
> """
> To avoid breaking users' scripts the client MUST use the oldest version
> of command available by default. User CAN change the default behavior to
> use the latest available version instead of the oldest and CAN specify
> per command override.
> """

This paragraph is no longer up to date, as of 15 minutes ago :-)

> What is the oldest command available? E.g. I have a 4.4 server and 4.5
> client. Is it 4.4 or some older, legacy one? If I have 4.5 server and
> 4.4 client is it 4.4 with available override to use 4.5 given that the
> client knows new version of command from metadata?

The current idea is that the client will use the newest command version 
available at build time by default. This way nothing depending on a 
particular client behavior will break as long as the client is not 
upgraded. Users will be able to explicitly specify which command version 
to use. When talking to an older server which does not have the 
requested command version, the request will fail with an error informing 
the user about the highest command version available.

-- 
Jan Cholasta

More information about the Freeipa-devel mailing list